UK: Brexit And Payment Services

BREXIT: OPTIONS FOR PAYMENT SERVICES PROVIDERS

The payment services industry is, by nature, particularly
international in its outlook. It is therefore one of the industries
that is most likely to feel an impact from the momentous decision
of the British electorate to turn its back on more than 40 years of
integration with EU countries.

Brexit is likely to bring about further disruption in a business
area already rocked by the emergence of disruptive technologies,
and the likely further changes to the market to be brought about by
the implementation of the Second Payment Services Directive (PSD
2) (see
our briefing on PSD2) and the working out of the Interchange Fee Regulation. For cross-border
businesses, it will be necessary to work out the details of how
harmonisation measures such as the Single Euro Payments Area
(SEPA) will operate. Card schemes such as those
operated by Visa and MasterCard will need to consider whether the
UK can still be classified as part of Europe, with implications for
cost and speed of settlement.

These industry-specific issues come on top of the general issues
facing international businesses, and in particular staffing issues
where businesses currently rely on European staff whose ability to
remain in the UK post-Brexit is no longer guaranteed.

It is too early to comment on how these matters will work out.
It is worthwhile, however, to give some initial consideration to
one key question: to what extent will you need to move operations
or establish operations in Europe following the implementation of
Brexit?

We do not yet know what settlement the UK will reach with the
EU, and specifically whether it will be possible to secure any
continuation of passporting under the post-Brexit settlement.
Nevertheless, some thought should be given to what Plan B would
look like if the UK fails to secure a post-Brexit deal that would
allow UK-based firms continued access to the European single
market.

TRAVELLING WITHOUT A PASSPORT

UK Payments Institutions (payment services firms based in the UK
with full authorisation) up to now have benefited from passporting,
allowing them to provide payment services into the rest of the EEA.
Such firms (and particularly growing firms, who are dependent on
fundraising to maintain expansion) will need to consider their
options.

If a new passporting regime applies (for example if the UK
pursues the "Norway option" of becoming a member of the
European Free Trade Agreement, and therefore of the EEA, or if the
UK negotiates a bilateral agreement with the EU covering this),
there may be an option to continue operating very much on a similar
basis as applies at present. At the time of writing, however, this
does not look a likely outcome since the price to be paid for such
arrangements seems likely to include a continued requirement for
free movement of labour between the UK and the EU and this price
may not currently be politically acceptable.

If we assume then that passporting will no longer apply, what
options would be available to an authorised payment service firm
wishing to continue to provide its services into the European
single market?

IS YOUR JOURNEY REALLY NECESSARY?

To answer this question we must first look carefully at the
payment services that the firm provides and consider where these
are in fact provided. Where the regulated services are all being
undertaken in the UK, there will in fact be no need for
passporting.

It is also necessary to consider in what currency or currencies
the services are provided. Once the UK leaves the EU (assuming that
it does not become part of the EEA) Sterling will no longer be an
EU currency and this will affect which of the rules will apply,
even where a transaction is taking place within a single
jurisdiction.

Assuming that the analysis confirms that activities are taking
place within the EU that would normally require authorisation then,
based on the existing legislation within the Payment Services Directive (PSD) and PSD2, the
possibilities would appear to be as follows:

1. Move the company to another Member State

Moving an existing Payment Institution to another Member State
is not a simple process. To obtain registration as a Payment
Institution in a Member State it is necessary to be established in
that state.

There is only one form of business organisation which benefits
from a straightforward process to change its corporate seat from
one Member State to another – a company that has been
established as a Societas Europaea (SE). This is a special form of
public company established under EU law. It is still fairly rare,
with under 3,000 in existence across Europe and only around 50 with
their corporate seats in the UK, although this includes a
subsidiary (but not the active payment institution) of one notable
payment services provider – PayPal.

For other types of companies set up in the UK there is at
present usually no direct means to transfer the establishment or
registered office to another country. It may be possible, however,
to achieve the same result by indirect means:

One such means would be to convert
the company into an SE (which can usually be done fairly easily)
and then transfer its registration to another Member State. This
transfer cannot, however, be done at the same time as the
conversion and there is then a two-month waiting period after the
decision has been made to transfer.

An alternative might be to use the EU
Merger Directive by establishing a company in another Member State
and merging the original company into that company. The new company
would thereby be recognised legally as the successor to the
business of the old company. However there are some doubts about
whether this regime may be used for mergers of a UK company
involving a newly incorporated transferee company.

In either case the effect of the transfer would be to cancel the
company's UK authorisation (as it would no longer meet the
threshold requirements for being authorised in the UK). It would
therefore, before transferring its registration to another Member
State, need to have put in place a new authorisation in that Member
State, which could be activated on its becoming registered
there.

If it is the wish to move a business overseas (or turn an
overseas branch into an overseas company), both the above routes
have certain advantages compared with the other legal possibility
of transferring the business through an intra-group sale of assets.
In particular they avoid the need for the consent of counterparties
to transfer third-party contracts, they allow liabilities to be
transferred automatically, and they do not require the transferring
business to go into liquidation. Also, there are special tax rules
that may be attractive and it may also be possible to avoid stamp
duty/stamp taxes. Tax advice will still be needed, however, in
relation to the position of the transferee company.

However, depending on the settlement reached between the UK and
the EU, moving the company to the EU might allow payment services
to be provided in the EU, but still leave a problem as to whether
the services can be provided within the UK.

Given the difficulty of transferring the Payment Institution
itself to another state and the challenges this might create for
the business still being done in the UK, for most UK businesses it
will be more practical to maintain an establishment in the UK
and

obtain authorisations or other regulatory cover for business
undertaken within the EU.

2. Operate branches in other Member States

Unless the business can be established as a credit institution
or an Electronic Money Issuer (which themselves involve specific
requirements for authorisation or registration), an authorisation
as a Payment Institution in a Member State is the only practical
way of obtaining an EU passport.

In the absence of a passport, it is necessary to look at the
legality of the firm's activities on a state by state basis and
to consider whether it is possible to obtain a local authorisation
under the national laws of each relevant state for the activities
carried out in that state - this is likely to require at minimum
for a branch to be established in each state.

3. Operate as a small payments institution in another Member
State

There is theoretically at least also the possibility, under the
drafting of both the PSD and PSD2, that a UK incorporated firm
could operate post-Brexit in one other Member State if it moved its
head office to that Member State and became registered as a small
payments institution under the laws of that state. This appears
possible under the exemption in Article 26 PSD (which is carried
forward in Article 27 PSD2). This exemption applies when the amount
of business being done within the Member State falls below a
certain threshold and appears to cover any legal person that has
its head office or place of residence in the Member State in which
it carries on business.

Whether any solution along these lines would work in practice,
however, would depend on the law and the relevant jurisdiction
having taken the benefit of this exemption. Also this is unlikely
to be a practical solution for most businesses as it would allow
business to be done only in the UK and one other EU country, and
would limit the amount of business that could be done in that
country.

4. Establish a subsidiary that is authorised in another Member
State

The next possibility would be to establish a subsidiary in
another Member State. As this subsidiary would need to pass all the
threshold conditions for authorisation in that Member State, there
is likely to be some duplication of costs. There would be issues to
unpick as to how to sign up customers to become clients of the new
company and in relation to the transfer of client data. Of course,
the use of customer data across borders will be affected by the
General Data Protection Regulation (GDPR) and the way in which it
is applied before and after Brexit. The Fieldfisher Privacy
Security and Information team's guidance on this issue can be
found
here.

For an existing UK-based firm the decision as to what state to
establish a subsidiary in will be determined by a number of
factors. Such factors may include where the firm already has links
and does business, the cost and quality of service providers and
resources such as premises in the jurisdiction and general business
climate such as tax and labour laws in each jurisdiction

For groups with established UK operations, one factor that may
be important is the attitude of the Member State to outsourcing by
its authorised Payments Institutions. It is likely to be
operationally efficient to outsource as much as possible of the
activities of the business to the UK entity, taking advantage of
the systems, personnel and organisation already established in the
UK.

From our experience, and having undertaken a comparative
analysis with colleagues in other EU Member States, the outsourcing
process is recognised and accepted under the regulatory regimes in
the major EU states, but will typically require advance
notification to the local regulator and is subject to certain
constraints. As one would expect, there are common themes. All the
Member States we have looked at do allow outsourcing but impose
mandatory provisions as to how this may take place so as to protect
the ability of the regulator to supervise, and as to the minimum
level of resource in the home state, with a view to ensuring that
the central management is situated within the authorising state.
Thus the outlook and practices of local regulators on this issue
may be relevant alongside the broader commercial and legal factors.
In any event, the outsourcing agreement will need to meet the
standards of the regulator and GDPR requirements for customer data
flows.

PSD sets a three month time period for applications to be heard
but it would be prudent to allow six to nine months for the
process.

5. Operate as an agent of a firm authorised in the EU

It may be possible to continue to carry on business through an
EU branch if that branch can be appointed to act as an agent of
another firm that is authorised in that country (or is authorised
in another EU country and has passported into that country). Care
will need to be taken that the arrangements can properly be seen as
an agency, and it is possible that the arrangements would lead to
some dilution of the branding of the service provided. However this
could be a practical solution for those not wanting to go to the
extent of duplicating the costs of authorisation.

6. Operate in conjunction with an authorised firm in the Member
State

This solution would involve setting up partnering arrangements
with another firm authorised in a Member State so that that
organisation handles any activities being undertaken in the Member
State. This will involve close attention to the business model to
make sure that there is a clear geographic demarcation,

so that the activities being undertaken by the UK firm would not
be considered to be happening within the EU, and all activities
being undertaken in the EU are being undertaken by the partner
firm. The UK firm would not need a passport because it would not be
operating in a Member State. This would involve a change of
business model as there will be another party who would need to be
remunerated for its contribution. Indeed, the collaboration may be
set up on a mutual basis. Whether the relationship is one-way or
mutual, branding and data protection would need to be thought about
carefully.

Where the UK firm already has set up any branch arrangements in
the Member State, these would become redundant on this model, and
probably this model would involve a sale or transfer of the branch
assets in the European Member State to the new commercial
partner.

BREXIT CUTS TWO WAYS

The discussion above focuses on UK Payment Institutions that
rely on passporting into Europe. Of course, Brexit cuts both ways,
and will also cause issues for Payment Institutions based elsewhere
within the EU that rely on passporting into the UK. Whilst we
expect the UK's natural disposition would be sympathetic
towards such businesses and would allow some easy route for them to
continue to enjoy some kind of passporting regime, their fate may
be one of the pawns to be sacrificed as part of the negotiations
and it is possible that there will be no such opportunity at first.
If this happens, the analysis mentioned above may apply similarly,
but in the opposite direction.

CONCLUSION

There is no need to panic. A period of at least two years is
likely during which the UK will remain a member of the EU and
payment services firms will be subject to the same regulatory
regime that exists at present. Indeed, the FCA in its response to
the Brexit decision has underlined the need to carry on as before,
both in following the existing rules and in preparing for the new
EU legislation that is in the pipeline (including, of course, PSD
2).

It is possible that a deal may be done that secures passporting
and that no action need be taken. Even so, contingency planning
from an early stage would be prudent as some of the options may
take time to put in place and there will be a need beforehand to
assess the opportunities in each jurisdiction. Whilst the
authorisation framework should be the same in each EU jurisdiction,
there may be nuanced local differences as to how this framework is
applied and in the helpfulness of the regulator. Just as
importantly, it will be necessary to assess the general business
environment, including taxation, labour law, operating costs and
quality of local partners and service providers.

As a European firm, Fieldfisher stands ready to help with
whatever route you may choose to navigate through the coming
uncertainties.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

In our report "The next frontier - the future of automated financial advice in the UK", published in April, we noted that a key regulatory challenge for firms in providing automated advice is understanding...

In the first half of 2018, two major new pieces of regulation will "go live" as the revised Payment Services Directive and the General Data Protection Regulation come into effect from January and May respectively.

This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).

Email Address

Company Name

Password

Confirm Password

Position

Mondaq Topics -- Select your Interests

Accounting

Anti-trust

Commercial

Compliance

Consumer

Criminal

Employment

Energy

Environment

Family

Finance

Government

Healthcare

Immigration

Insolvency

Insurance

International

IP

Law Performance

Law Practice

Litigation

Media & IT

Privacy

Real Estate

Strategy

Tax

Technology

Transport

Wealth Mgt

Regions

Africa

Asia

Asia Pacific

Australasia

Canada

Caribbean

Europe

European Union

Latin America

Middle East

U.K.

United States

Worldwide Updates

Check to state you have read and agree to our Terms and Conditions

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you
are granted a non-exclusive, revocable license to access the Website under its
terms and conditions of use. Your use of the Website constitutes your agreement
to the following terms and conditions of use. Mondaq Ltd may terminate your use
of the Website if you are in breach of these terms and conditions or if Mondaq
Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to
read the full text of the content and articles available (the Content). You may
not modify, publish, transmit, transfer or sell, reproduce, create derivative
works from, distribute, perform, link, display, or in any way exploit any of the
Content, in whole or in part, except as expressly permitted in these terms &
conditions or with the prior written consent of Mondaq Ltd. You may not use
electronic or other means to extract details or information about Mondaq.com’s
content, users or contributors in order to offer them any services or products
which compete directly or indirectly with Mondaq Ltd’s services and products.

Disclaimer

Mondaq Ltd and/or its respective suppliers make no representations about the
suitability of the information contained in the documents and related graphics
published on this server for any purpose. All such documents and related
graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or
its respective suppliers hereby disclaim all warranties and conditions with
regard to this information, including all implied warranties and conditions of
merchantability, fitness for a particular purpose, title and non-infringement.
In no event shall Mondaq Ltd and/or its respective suppliers be liable for any
special, indirect or consequential damages or any damages whatsoever resulting
from loss of use, data or profits, whether in an action of contract, negligence
or other tortious action, arising out of or in connection with the use or
performance of information available from this server.

The documents and related graphics published on this server could include
technical inaccuracies or typographical errors. Changes are periodically added
to the information herein. Mondaq Ltd and/or its respective suppliers may make
improvements and/or changes in the product(s) and/or the program(s) described
herein at any time.

Registration

Mondaq Ltd requires you to register and provide information that personally
identifies you, including what sort of information you are interested in, for
three primary purposes:

To allow you to personalize the Mondaq websites you are visiting.

To enable features such as password reminder, newsletter alerts, email a
colleague, and linking from Mondaq (and its affiliate sites) to your website.

Mondaq (and its affiliate sites) do not sell or provide your details to third
parties other than information providers. The reason we provide our information
providers with this information is so that they can measure the response their
articles are receiving and provide you with information about their products and
services.

If you do not want us to provide your name and email address you may opt out
by clicking here .

If you do not wish to receive any future announcements of products and
services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to
view the free information on the site. We also collect information from our
users at several different points on the websites: this is so that we can
customise the sites according to individual usage, provide 'session-aware'
functionality, and ensure that content is acquired and developed appropriately.
This gives us an overall picture of our user profiles, which in turn shows to
our Editorial Contributors the type of person they are reaching by posting
articles on Mondaq (and its affiliate sites) – meaning more free content for
registered users.

We are only able to provide the material on the Mondaq (and its affiliate
sites) site free to site visitors because we can pass on information about the
pages that users are viewing and the personal information users provide to us
(e.g. email addresses) to reputable contributing firms such as law firms who
author those pages. We do not sell or rent information to anyone else other than
the authors of those pages, who may change from time to time. Should you wish us
not to disclose your details to any of these parties, please tick the box above
or tick the box marked "Opt out of Registration Information Disclosure" on the
Your Profile page. We and our author organisations may only contact you via
email or other means if you allow us to do so. Users can opt out of contact when
they register on the site, or send an email to unsubscribe@mondaq.com with “no
disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate
registration form. This is a personalised service where users choose regions and
topics of interest and we send it only to those users who have requested it.
Users can stop receiving these Alerts by going to the Mondaq News Alerts page
and deselecting all interest areas. In the same way users can amend their
personal preferences to add or remove subject areas.

Cookies

A cookie is a small text file written to a user’s hard drive that contains an
identifying user number. The cookies do not contain any personal information
about users. We use the cookie so users do not have to log in every time they
use the service and the cookie will automatically expire if you do not visit the
Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to
personalise a user's experience of the site (for example to show information
specific to a user's region). As the Mondaq sites are fully personalised and
cookies are essential to its core technology the site will function
unpredictably with browsers that do not support cookies - or where cookies are
disabled (in these circumstances we advise you to attempt to locate the
information you require elsewhere on the web). However if you are concerned
about the presence of a Mondaq cookie on your machine you can also choose to
expire the cookie immediately (remove it) by selecting the 'Log Off' menu option
as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example,
advertisers). However, we have no access to or control over these cookies and we
are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement,
and gather broad demographic information for aggregate use. IP addresses are not
linked to personally identifiable information.

Links

This web site contains links to other sites. Please be aware that Mondaq (or
its affiliate sites) are not responsible for the privacy practices of such other
sites. We encourage our users to be aware when they leave our site and to read
the privacy statements of these third party sites. This privacy statement
applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or
contests. Participation in these surveys or contests is completely voluntary and
the user therefore has a choice whether or not to disclose any information
requested. Information requested may include contact information (such as name
and delivery address), and demographic information (such as postcode, age
level). Contact information will be used to notify the winners and award prizes.
Survey information will be used for purposes of monitoring or improving the
functionality of the site.

Mail-A-Friend

If a user elects to use our referral service for informing a friend about our
site, we ask them for the friend’s name and email address. Mondaq stores this
information and may contact the friend to invite them to register with Mondaq,
but they will not be contacted more than once. The friend may contact Mondaq to
request the removal of this information from our database.

Security

This website takes every reasonable precaution to protect our users’
information. When users submit sensitive information via the website, your
information is protected using firewalls and other security technology. If you
have any questions about the security at our website, you can send an email to
webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode),
or if a user no longer desires our service, we will endeavour to provide a way
to correct, update or remove that user’s personal data provided to us. This can
usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will
post those changes on our site so our users are always aware of what information
we collect, how we use it, and under what circumstances, if any, we disclose it.
If at any point we decide to use personally identifiable information in a manner
different from that stated at the time it was collected, we will notify users by
way of an email. Users will have a choice as to whether or not we use their
information in this different manner. We will use information in accordance with
the privacy policy under which the information was collected.

How to contact Mondaq

If for some reason you believe Mondaq Ltd. has not adhered to these
principles, please notify us by e-mail at problems@mondaq.com and we will use
commercially reasonable efforts to determine and correct the problem promptly.